From a413d3c9f9d9b6e25d99e0c348772ccb81188f11 Mon Sep 17 00:00:00 2001 From: Jan Gorecki Date: Sat, 2 Dec 2023 15:29:20 +0100 Subject: [PATCH] Fix format-security compiler warnings (#5774) (#5781) Co-authored-by: Michael Chirico --- src/assign.c | 2 +- src/forder.c | 2 +- src/fwrite.c | 4 ++-- src/rbindlist.c | 8 ++++---- src/subset.c | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/assign.c b/src/assign.c index fc960132d..3356e918b 100644 --- a/src/assign.c +++ b/src/assign.c @@ -527,7 +527,7 @@ SEXP assign(SEXP dt, SEXP rows, SEXP cols, SEXP newcolnames, SEXP values) targetcol = VECTOR_ELT(dt,coln); } const char *ret = memrecycle(targetcol, rows, 0, targetlen, thisvalue, 0, -1, coln+1, CHAR(STRING_ELT(names, coln))); - if (ret) warning(ret); + if (ret) warning("%s", ret); } *_Last_updated = numToDo; // the updates have taken place with no error, so update .Last.updated now diff --git a/src/forder.c b/src/forder.c index 8a62e1de7..c9063782b 100644 --- a/src/forder.c +++ b/src/forder.c @@ -56,7 +56,7 @@ static int *anso = NULL; static bool notFirst=false; static char msg[1001]; -#define STOP(...) do {snprintf(msg, 1000, __VA_ARGS__); cleanup(); error(msg);} while(0) // http://gcc.gnu.org/onlinedocs/cpp/Swallowing-the-Semicolon.html#Swallowing-the-Semicolon +#define STOP(...) do {snprintf(msg, 1000, __VA_ARGS__); cleanup(); error("%s", msg);} while(0) // http://gcc.gnu.org/onlinedocs/cpp/Swallowing-the-Semicolon.html#Swallowing-the-Semicolon // use STOP in this file (not error()) to ensure cleanup() is called first // snprintf to msg first in case nrow (just as an example) is provided in the message because cleanup() sets nrow to 0 #undef warning diff --git a/src/fwrite.c b/src/fwrite.c index ef8b822e9..322909749 100644 --- a/src/fwrite.c +++ b/src/fwrite.c @@ -736,7 +736,7 @@ void fwriteMain(fwriteMainArgs args) } if (f==-1) { *ch = '\0'; - DTPRINT(buff); + DTPRINT("%s", buff); free(buff); } else { int ret1=0, ret2=0; @@ -926,7 +926,7 @@ void fwriteMain(fwriteMainArgs args) errno=0; if (f==-1) { *ch='\0'; // standard C string end marker so DTPRINT knows where to stop - DTPRINT(myBuff); + DTPRINT("%s", myBuff); } else if ((args.is_gzip ? WRITE(f, myzBuff, (int)myzbuffUsed) : WRITE(f, myBuff, (int)(ch-myBuff))) == -1) { failed=true; // # nocov diff --git a/src/rbindlist.c b/src/rbindlist.c index 366902883..2ffff3af8 100644 --- a/src/rbindlist.c +++ b/src/rbindlist.c @@ -208,7 +208,7 @@ SEXP rbindlist(SEXP l, SEXP usenamesArg, SEXP fillArg, SEXP idcolArg) const char *str = isString(s) ? CHAR(STRING_ELT(s,w2)) : ""; snprintf(buff, 1000, _("Column %d ['%s'] of item %d is missing in item %d. Use fill=TRUE to fill with NA (NULL for list columns), or use.names=FALSE to ignore column names.%s"), w2+1, str, i+1, missi+1, extra ); - if (usenames==TRUE) error(buff); + if (usenames==TRUE) error("%s", buff); i = LENGTH(l); // break from outer i loop break; // break from inner j loop } @@ -229,8 +229,8 @@ SEXP rbindlist(SEXP l, SEXP usenamesArg, SEXP fillArg, SEXP idcolArg) } const char *o = isNull(opt) ? "message" : CHAR(STRING_ELT(opt,0)); if (strcmp(o,"message")==0) { eval(PROTECT(lang2(install("message"),PROTECT(ScalarString(mkChar(buff))))), R_GlobalEnv); UNPROTECT(2); } - else if (strcmp(o,"warning")==0) warning(buff); - else if (strcmp(o,"error")==0) error(buff); + else if (strcmp(o,"warning")==0) warning("%s", buff); + else if (strcmp(o,"error")==0) error("%s", buff); else if (strcmp(o,"none")!=0) warning(_("options()$datatable.rbindlist.check=='%s' which is not 'message'|'warning'|'error'|'none'. See news item 5 in v1.12.2."), o); } } @@ -490,7 +490,7 @@ SEXP rbindlist(SEXP l, SEXP usenamesArg, SEXP fillArg, SEXP idcolArg) } for (int k=0; k